On ma, 27 marras 2017, Michael Frank via FreeIPA-users wrote:

we run freeipa based on red hat 7.3
It is possible to determine if a certain user (idm user who can become
root via sudo) is logged in on multiple idm machines and restrict for
the user that only *one* login on a single server at the same time is
allowed ?

Any hints how to do this - or - is there something „built-in“ ?
There is nothing built-in. There is also nothing that would help you
with identifying a single server logon too since authentication could
happen against any IPA master so a prospective tool would need to
gather this information from all masters before making a decision. It is
just too fragile policy to implement.

/ Alexander Bokovoy
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to